[Pgpool-hackers] [patch] add a username option to pg_md5 in md5auth mode
Tatsuo Ishii
ishii at sraoss.co.jp
Sun Jun 12 03:51:16 UTC 2011
Nicolas,
Thanks for your patches. This is actually what I wanted to do with
3.1. Great!
> I have found that pg_md5 in md5auth mode can only create a pool_passwd
> entry for the unix user running it. You cannot just edit the username
> in pool_passwd afterwards since the hash is created as
> md5(PasswordUsername) in PostgreSQL. Thus the possible ways to add
> valid accounts to pool_passwd are :
>
> - - get the hash from pg_shadow (only works if the passwords are encrypted
> in the database)
> - - create the hash from PasswordUsername with pg_md5 without -m then edit
> pool_passwd
> - - have a unix account for each user in PostgreSQL (!)
>
> Thus the attached patch (against HEAD rev 1.11) add a --username (or -u)
> to pg_md5 to let the administrator create pool_passwd for any role more
> easily. It falls back to the current username when the -u argument is
> empty or the option is note given and has no effect when -m is not
> specified. The patch also adds the option to the English documentation,
> since I don't know Japanese, I could not update the Japanese version :)
>
>
> Also, the patch use MAX_INPUT_SIZE for the username buffer, it is
> currently 32 bytes, which is quite small for both username and password.
> I think it could be changed to 64 at least, 128 would be best. What do
> you think?
128 is fine for me too. I will modify the part and apply your patches.
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp
More information about the Pgpool-hackers
mailing list